steve_cross_650
Feb 01, 2007Nimbostratus
using ends_with crashed my site -- what am I doing wrong?????
i have a https virtual server that i was trying to implement a simple rule
* if this https request is not one of five select pages, redirect user to http page
here was my initial rule:
when HTTP_REQUEST {
if { [matchclass [string tolower [HTTP::uri]] starts_with $::secure_pages]}
{
pool public_http_pool
}
else
{
HTTP::redirect "http://[HTTP::host][HTTP::uri]"
}
}
(secure_pages was a string list of pages that should be https.)
Unfortunately, when I implemented the above rule i noticed that my pages would initially be secure and then get redirected to the same url but no longer show as secure in the browser (lock symbol would show up and then disappear). I turned on logging and found that by opening up one .aspx page (our app is in .NET) that it was spawning many requests:
Rule https_to_http : page not in secure list: /css/main.css
Rule https_to_http : page not in secure list: /scripts/betaScripts.js
Rule https_to_http : page not in secure list: /aspnet_client/system_web/1_1_4322/SmartNav.htm
Rule https_to_http : page not in secure list: /VAM/3_0_1/VAM.js
Rule https_to_http : page not in secure list: /aspnet_client/system_web/1_1_4322/SmartNav.js
Rule https_to_http : page not in secure list: /images/beta_logo.jpg
Rule https_to_http : page not in secure list: /images/icon_form_arrow.gif
Rule https_to_http : page not in secure list: /images/icon_arrow_green.gif
Rule https_to_http : page not in secure list: /images/beta_login_bg.gif
Rule https_to_http : SECURE PAGE: /Login.aspx
So that means my iRule was having to process each request separately for this one page. Since the only time I want to redirect from https to http is when the URL ends with .aspx I thought I could use the following iRule instead:
when HTTP_REQUEST {
if { [matchclass [string tolower [HTTP::uri]] starts_with $::secure_pages]}
{
pool public_http_pool
}
elseif {[matchclass [string tolower [HTTP::uri]] ends_with ".aspx"]}
{
HTTP::redirect "http:// [HTTP::host] [HTTP::uri]"
}
}
As soon as I did my first https request w/ this new code my site went down hard. I removed that code, did many https requests – no problem. Turned that code back on and again the first request has me down hard. In the log I started immediately getting
TmmMsgHandler.cpp:111 - UDP send failed: Network is unreachable
What am I doing wrong here? What can I do to just check certain .aspx pages to see if they are https and then redirect to http when needed?